I'm running Windows Vista and I've been searching around to try to find out how to remove the trojan-spy.win32
Here's my hijack log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:49:49 PM, on 10/6/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Online Video Add-on\icthis.exe
C:\Program Files\Online Video Add-on\isfmntr.exe
C:\Program Files\Online Video Add-on\icmntr.exe
C:\Program Files\Online Video Add-on\isfmm.exe
C:\Windows\zHotkey.exe
C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.e…
C:\Users\Owner\Desktop\HiJackThis_v2.e…

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5404
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5404
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5404
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {CFE15135-C591-4000-A55E-A50E5F9F82BC} - C:\Program Files\Online Video Add-on\isfmdl.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 200
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [SBCSTray] "C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Online Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Online Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.d…
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.d…
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.D…
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWi…
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

-- End of file - 9012 bytes
Answer:
I have XP and have the same virus too... Does anyone know how to get rid of it safely?
Minori at Yahoo! Answers
Other answers
If you go to the following link and post your log there, an expert could help you through the cleaning process: http://www.bleepingcomputer.com/forums/forum22.html I would NOT advise you to accept help modifying your HJT log from someone you do not know to be trained in its use. Modifying a HJT log changes your registry. If you modify this and something goes wrong, you can end up reinstalling Windows. I have personally seen this on more than one occasion. Before you proceed, back up ALL of your data and your registry. I use the freeware ERUNT to back up my registry. Tried and true. ERUNT: http://www.larshederer.homepage.t-online.de/erunt/ Good luck.
acklan
Download Stinger v3.8.0 and run it; it should do the trick.
K O
Run a free software scan. Norton, AVG, and Avast are free antivirus software. Ad-Aware and Ewido are free spyware removers. You can download free software at http://fixit.in/antivirus.html and http://fixit.in/spywareremover.html
oct r
A trojan is not easy to find unless you're using Kaspersky, NOD32, or BitDefender products to find it. Although the prices are high, you will get what you pay for. PC-GuY
PC-&-GuY
I'm not sure if this will work, but you can try it. Switch off System Restore, as backup files may be hiding in there and it will just restore itself. Go to Start - Programs - Accessories - System Tools - System Restore. Download AVG Anti-Spyware and run it. Then delete what it finds. Then run CCleaner (ccleaner.com), then restart. Then run the AVG cleaner again to see if it's still on there, and hope it's not. If you can't get it off, then try a-squared Anti-Malware (emsisoft.com). If that doesn't work, use Spy Sweeper (webroot.com). AVG is what took all of my trojans off my PC. If you need any other help, please feel free to IM or email me any time. Thanks.
http://free.grisoft.com/doc/20/lng/us/tpl/v5 (AVG spyware cleaner)
http://www.emsisoft.com/en/ (a-squared)
http://toolbar.yahoo.com/ (Norton's spyware scanner)
http://www.javacoolsoftware.com/ (SpywareBlaster)
http://www.safer-networking.org/en/download/index.html (Spybot Search and Destroy)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php (Ad-Aware SE)
http://www.spywareterminator.com/ (Spyware Terminator)
http://wiki.castlecops.com/Roll_your_own_Free_Security_Suite#Anti-Trojan
-Sites where you can look up what kind of trojan you've got-
http://www.pchell.com/
http://www.pctools.com/en/mrc/infections/
http://www.uninstall-spyware.com/
http://www.spywareremove.com/remove-Trojans/index.html
http://www.cybertechhelp.com
http://www.annoyances.org
http://www.neuber.com
http://www.geekstogo.com
http://www.techguy.org/welcome.html
http://www.pchell.com/support/drivecleaner.shtml (how to remove certain spyware)
-DLL and EXE-
http://www.processlibrary.com/
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm
http://exelib.com/exe/25
http://www.liutilities.com/products/wintaskspro/processlibrary/
http://www.helpero.com/
-How to manually remove a trojan-
You need to figure out the name of the .exe file that the virus is masquerading as and terminate it, delete it if you can, then remove any changes it may have made to the registry. Disclaimer: If the above advice doesn't make any sense to you, call a professional to come do it for you!
EDIT: Since someone felt the need to rate this answer down, I'll post the FULL instructions on how to manually remove a virus from another thread where I posted it before. If you hit Control+Alt+Delete, you can check out a list of processes that are running on your computer. Some viruses are smart and will disable your antivirus software so you can't detect or remove them as easily. If you know the name of the executable file that the virus is hiding out in and it's currently running on your computer, you need to shut that bad boy down before you'll be able to commence removal. Select the process from the list and hit "End Process". Open up your registry editor (go to the Start menu > Run > and type in "regedit" without the quotation marks). You'll see what looks like a Windows Explorer directory tree. Open up HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersion > Run and delete any entries under that particular category that match the .exe filename of the process which the virus is attached to. DO NOT ERASE ANYTHING THAT DOESN'T CONTAIN THE .EXE NAME OF THE VIRUS FILE. This will stop the virus from starting again when Windows reboots. Once you've stopped the process and removed the registry entry, you can either run a virus scan and let your AV software zap the buggies or you can simply delete the executable file associated with the virus.
hi how are u doing today?
Although HijackThis isn't an accurate tool for virus removal, it is, however, one of them. I would back up my registry before making changes!! Don't delete the following, just look into them. I do question the following, however:
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
R0 - HKCU\Software\Microsoft\Intern... Explorer\Main,Start Page = about:blank
O1 - Hosts: ::1 localhost
And I do see that you have two AVs installed (Trend Micro and McAfee). You need to get rid of one of them (I'd say McAfee), because having two can cause conflicts and will cause them not to work correctly. I also see you have run online scans with BitDefender and Kaspersky. Have you run Trend Micro? What are the results? Do the scans in Safe Mode, because in normal mode the file that might need to be scanned could be "locked". Hope this helps you some :)
~LoVe~
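The script below is an added example; it is not the asker's tooling and not code from any of the answers in this thread. It reads a HijackThis log in the format posted above and groups the entry types that LoVe's answer singles out for a closer look (the O10 Winsock LSP entry, the about:blank start page, the O1 hosts line, and more than one AV vendor among the O23 services), along with the other lines a reviewer of that log would want grouped: O4 autoruns under Policies\Explorer\Run, the unnamed O2 BHO, the O20 AppInit_DLLs entry, and services marked "(file missing)". It also includes a read-only version of the "find the Run entry that matches the .exe" step from the manual-removal answer. The sample input is a handful of lines copied from the log in the question; the AV vendor marker list is my own heuristic, and the grouping only says what to look at, not what is malicious.

```python
"""Read-only triage of a HijackThis (HJT) log: parse the numbered entries and
group the ones the thread above calls into question. Nothing here touches the
registry or the file system; it only reads text."""
import re

# Constructed sample: entries copied from the HijackThis log posted in the question.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {CFE15135-C591-4000-A55E-A50E5F9F82BC} - C:\Program Files\Online Video Add-on\isfmdl.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Online Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Online Video Add-on\isfmntr.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
"""

# Every HJT finding starts with a section code (R0, O4, O23, ...) followed by " - ".
HJT_ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")

# Assumption (my heuristic, not part of HJT): substrings naming real-time AV vendors in O23 lines.
AV_VENDOR_MARKERS = ("mcafee", "trend micro", "symantec", "norton", "kaspersky", "avast")


def parse_hjt(text):
    """Return (section, body) pairs; the header and 'Running processes' lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = HJT_ENTRY.match(line.strip())
        if match:
            entries.append((match.group("section"), match.group("body")))
    return entries


def triage(entries):
    """Group the entry types the answers single out for a closer look."""
    findings = {
        "blank_start_page": [],       # R0: IE start page reset to about:blank
        "hosts_entries": [],          # O1: hosts-file lines
        "unnamed_bho": [],            # O2: browser helper objects with no name
        "policy_run": [],             # O4: autoruns under Policies\Explorer\Run
        "unknown_lsp": [],            # O10: Winsock LSP DLLs HJT cannot identify
        "appinit_dlls": [],           # O20: DLLs loaded into every process that loads user32.dll
        "missing_service_files": [],  # O23: services whose binary is gone
        "av_vendors": set(),          # distinct AV vendors seen among services
    }
    for section, body in entries:
        if section == "R0" and body.endswith("Start Page = about:blank"):
            findings["blank_start_page"].append(body)
        elif section == "O1":
            findings["hosts_entries"].append(body)
        elif section == "O2" and "(no name)" in body:
            findings["unnamed_bho"].append(body)
        elif section == "O4" and "\\Policies\\Explorer\\Run" in body:
            findings["policy_run"].append(body)
        elif section == "O10" and body.startswith("Unknown file in Winsock LSP:"):
            findings["unknown_lsp"].append(body.split(":", 1)[1].strip().lower())
        elif section == "O20":
            findings["appinit_dlls"].append(body)
        elif section == "O23":
            if "(file missing)" in body:
                findings["missing_service_files"].append(body)
            lowered = body.lower()
            findings["av_vendors"].update(v for v in AV_VENDOR_MARKERS if v in lowered)
    # HJT prints one O10 line per Winsock chain entry, so the same DLL repeats; collapse it.
    findings["unknown_lsp"] = sorted(set(findings["unknown_lsp"]))
    findings["av_vendors"] = sorted(findings["av_vendors"])
    return findings


def run_entries_for_exe(entries, exe_name):
    """List the O4 autorun entries that launch exe_name. This is the 'find the Run
    entry that matches the .exe' step from the manual-removal answer, done by reading
    the log rather than by editing the registry."""
    needle = exe_name.lower()
    return [body for section, body in entries if section == "O4" and needle in body.lower()]


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    for key, value in triage(parsed).items():
        print(f"{key}: {value}")
    print("autoruns for icthis.exe:", run_entries_for_exe(parsed, "icthis.exe"))
```

To use it on a saved log, pass the file's contents to parse_hjt instead of SAMPLE_LOG. The output is a reading aid only: each group is something to verify (who owns the DLL, whether the autorun belongs to an installed product) before any entry is fixed, and, as acklan's answer says, the registry should be backed up before anything is changed.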
You can look for a removal tool on Symantec, link below. Also make sure you have a currently updated antivirus, and run it in Safe Mode. AVG is free if you need one. (For Safe Mode, reboot and tap F8 until you get a boot menu prompt, then select Safe Mode.)
lynx6201